Yearn Finance copy scam attempts to strip visitors of their passwords

Fraudulent websites posing as famous crypto projects request private keys in order to steal users‘ funds.

The decentralized yield farming platform Yearn Finance has a double that is tricking visitors into sharing the private keys to their cryptosystems wallets.

Yearn Finance’s fraudulent website perfectly copies almost every aspect of the original yearn.finance website right down to the design, website copy and even the domain name. The fraudsters behind the website chose the domain name „yaerm.finance“, which makes it look extremely similar to „yearn.finace“.

The rise of scams at DeFi tarnishes the Yield Farming market niche
They also promoted their landing page for the search keyword „yearn finance“, so it appears at the top of the search results when people search for the actual website.

The fake address (in red) on top of the genuine address (in green)
Once a user clicks on the ad, it directs them to the yaerm.finance page which looks exactly like the official Yearn Finance website. However, after scrolling down from the first window that appears, one finds that the website contains a strange „seven easy hairstyles“ guide.

Similar to the original website, the fraudulent website also has six different options in the first window. These include Board, Vault, Win, Zap, Coverage, and Statistics.

YouTube’s sordid fall in promoting scams
Regardless of which option a user clicks on, it directs him to a page that asks users to connect their wallets.

When users try to connect their wallets, the scam site presents a list of cryptic wallets from which they can choose. It then displays a pop-up window that asks users to share their private key or passphrase.

Copy scams are relatively common in the crypto space. Another website masquerades as the Trust Wallet to trick crypto-currency users.

Belgian investors lost USD 12 million in cryptology and currency exchange scams last year
Crypto India wrote on Twitter that scammers have been sending dust – a very small fraction of a crypto currency that cannot be exchanged or traded – from Binance Coin (BNB) to random crypto wallets. Each of these transactions had a memo notifying users that they had earned 30 or 50 BNB tokens and containing an external link to „claim“ those tokens.

The Trust Wallet-like website has a call to action button that says „Claim Prize“ and, when clicked, opens a window that asks users to enter their private keys.

Users who are new to the world of crypto-currency and are not aware of the importance of keeping their private keys „private“ can easily fall for these scams and give scammers easy access to their funds.